#8152 Added fixes for new ping pong approach (#11649)

dotCMS · May 19, 2017 · 780f8da · 780f8da
1 parent a7918a1
commit 780f8da
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 32 deletions.
diff --git a/.../java/com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl.java b/.../java/com/dotcms/auth/providers/jwt/services/JsonWebTokenAuthCredentialProcessorImpl.java
@@ -72,8 +72,10 @@ public User processAuthCredentialsFromJWT(final String authorizationHeader,
                 throw new SecurityException("Invalid Json Web Token", Response.Status.BAD_REQUEST);
             }
 
-            httpSession.setAttribute(WebKeys.CMS_USER, user);
-            httpSession.setAttribute(com.liferay.portal.util.WebKeys.USER_ID, user.getUserId());
+            if (null != httpSession) {
+                httpSession.setAttribute(WebKeys.CMS_USER, user);
+                httpSession.setAttribute(com.liferay.portal.util.WebKeys.USER_ID, user.getUserId());
+            }
         }
 
         return user;

diff --git a/...MS/src/main/java/com/dotcms/rest/api/v1/system/websocket/DotCmsWebSocketConfigurator.java b/...MS/src/main/java/com/dotcms/rest/api/v1/system/websocket/DotCmsWebSocketConfigurator.java
@@ -1,28 +1,23 @@
 package com.dotcms.rest.api.v1.system.websocket;
 
-import javax.servlet.http.HttpSession;
-import javax.websocket.HandshakeResponse;
-import javax.websocket.server.HandshakeRequest;
-import javax.websocket.server.ServerEndpointConfig;
-import javax.websocket.server.ServerEndpointConfig.Configurator;
-
 import com.dotcms.auth.providers.jwt.JsonWebTokenAuthCredentialProcessor;
-import com.dotcms.auth.providers.jwt.JsonWebTokenUtils;
 import com.dotcms.auth.providers.jwt.services.JsonWebTokenAuthCredentialProcessorImpl;
 import com.dotcms.business.LazyUserAPIWrapper;
 import com.dotcms.repackage.com.google.common.annotations.VisibleForTesting;
 import com.dotcms.repackage.org.glassfish.jersey.server.ContainerRequest;
 import com.dotmarketing.business.APILocator;
 import com.dotmarketing.business.UserAPI;
-import com.dotmarketing.business.web.UserWebAPI;
-import com.dotmarketing.business.web.WebAPILocator;
 import com.dotmarketing.exception.DotDataException;
 import com.dotmarketing.exception.DotSecurityException;
 import com.dotmarketing.util.Logger;
 import com.dotmarketing.util.UtilMethods;
-import com.dotmarketing.util.WebKeys;
 import com.liferay.portal.model.User;
 
+import javax.servlet.http.HttpSession;
+import javax.websocket.HandshakeResponse;
+import javax.websocket.server.HandshakeRequest;
+import javax.websocket.server.ServerEndpointConfig;
+import javax.websocket.server.ServerEndpointConfig.Configurator;
 import java.util.List;
 
 /**
@@ -69,7 +64,7 @@ public void modifyHandshake(final ServerEndpointConfig serverEndpointConfig,
 
 		super.modifyHandshake(serverEndpointConfig, request, response);
 
-		User user = null;
+		User user      			   = null;
 		String authorizationHeader = null;
 		final List<String> headers = request.getHeaders().get(ContainerRequest.AUTHORIZATION);
 		final Object session 	   = request.getHttpSession();
@@ -80,25 +75,11 @@ public void modifyHandshake(final ServerEndpointConfig serverEndpointConfig,
 			try {
 
 				httpSession = HttpSession.class.cast(session);
-				user = (User) httpSession.getAttribute(WebKeys.CMS_USER);
+				user = (User) httpSession.getAttribute(com.liferay.portal.util.WebKeys.USER);
 
 				if (!UtilMethods.isSet(user)) {
 
 					user = this.getUserFromId(httpSession);
-
-					if (!UtilMethods.isSet(user) && ((null != headers) && (headers.size() > 0))) {
-
-						authorizationHeader = headers.get(0);
-						user = this.authCredentialProcessor.processAuthCredentialsFromJWT
-								(authorizationHeader, (HttpSession) session);
-
-					}
-				}
-
-				if (UtilMethods.isSet(user)) {
-
-					serverEndpointConfig.getUserProperties().put
-							(SystemEventsWebSocketEndPoint.USER, user);
 				}
 			} catch (Exception e) {
 
@@ -108,6 +89,28 @@ public void modifyHandshake(final ServerEndpointConfig serverEndpointConfig,
 				}
 			}
 		}
+
+		try {
+
+			if (!UtilMethods.isSet(user) && ((null != headers) && (headers.size() > 0))) {
+
+				authorizationHeader = headers.get(0);
+				user = this.authCredentialProcessor.processAuthCredentialsFromJWT
+						(authorizationHeader, httpSession);
+			}
+
+			if (UtilMethods.isSet(user)) {
+
+				serverEndpointConfig.getUserProperties().put
+						(SystemEventsWebSocketEndPoint.USER, user);
+			}
+		} catch (Exception e) {
+
+			if (Logger.isErrorEnabled(this.getClass())) {
+
+				Logger.error(this.getClass(), e.getMessage(), e);
+			}
+		}
 	} // modifyHandshake.
 
 	private User getUserFromId(final HttpSession httpSession) throws DotSecurityException, DotDataException {
@@ -119,7 +122,6 @@ private User getUserFromId(final HttpSession httpSession) throws DotSecurityExce
 		if (UtilMethods.isSet(userId)) {
 
 			user = this.userAPI.loadUserById(userId);
-			httpSession.setAttribute(WebKeys.CMS_USER, user);
 		}
 
 		return user;

diff --git a/.../src/main/java/com/dotcms/rest/api/v1/system/websocket/SystemEventsWebSocketEndPoint.java b/.../src/main/java/com/dotcms/rest/api/v1/system/websocket/SystemEventsWebSocketEndPoint.java
@@ -141,6 +141,8 @@ public void open(final Session session) {
 				user = (User) session.getUserProperties().get(USER);
 				this.queue.add(new SessionWrapper(session, user));
 				isLoggedIn = true;
+				Logger.debug(this, "New session open: " + session +
+										", with user: " + user.getEmailAddress());
 			} catch (Exception e) {
 
 				if (Logger.isErrorEnabled(this.getClass())) {
@@ -169,9 +171,6 @@ public void open(final Session session) {
 				}
 				throw new IllegalStateException(e);
 			}
-		} else {
-			// if session succesfully we start the ping pong (if it enables)
-			this.doPing(session);
 		}
 	} // open.